<?php

session_start();
include ("../config/koneksi.php");

$username = $_POST['username'];
$pass = $_POST['password'];

if (!empty($username)){
    if (!empty($pass)){
        $sql = mysql_query("SELECT * FROM user WHERE username='".$username."' AND password='".$pass."'");
        $tes = mysql_num_rows($sql);
            if ($tes == 1){
                $hasil = mysql_fetch_array($sql);
                session_start();
                $_SESSION['user_id'] = $hasil[0];
                $_SESSION['username'] = $hasil[2];
                $_SESSION['password'] = $hasil[3]; 
                header("location:index.php");
            }else{
                echo "<script type='text/javascript'>
                        alert ('Kombinasi username dan password tidak cocok');
                    </script>
                    <meta http-equiv='refresh' content='0.5;url=http://localhost/jadi/loginuser/signin.php'>
                    ";

            }
    }else{
        echo "Anda belum mengisi password";
    }
}else{
    echo "Anda belum mengisi username";
}
?>